The weird thing is that other sites used display names first and because that wasn't secure enough, moved on to emails. I think the ones that use multiple forms may be slightly more secure. Example, one used a login name, a password, a character name and a security code. The last being optional.